CVE-2021-47956

EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers can send POST requests to insert.php with malicious firstname values to extract sensitive databas...

Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete

Summary SimplePdo::insert, SimplePdo::update, and SimplePdo::delete build SQL statements by concatenating the $table argument and the keys of the $data array directly into the query, with no identifier quoting and no validation. When an application forwards user-controlled data shapes to these...

Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting

Exploit Title: Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-26 Exploit Author: that faceless coderInveteck Global Vendor Homepage: https://phpgurukul.com/ Software Link:...

CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

PizzaInn_Project - SQL Injection

Exploit: PizzaInnProject - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/restaurantmis/ 1 Sql Injection Time Based Blind PoC: http://127.0.0.1/reserve-exec.php?id=1' SQL Injection Vulnerable Code: +...